feat: validate ip_range must be within RFC-1918 on save

API: rejects ip_range outside 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 with a 400 error before saving to config. UI: isRFC1918Cidr() validates on every keystroke; error message shown inline below the field; Save Identity button disabled while the value is invalid. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-24 00:33:30 -04:00
parent 60cf223293
commit 323729e1ab
2 changed files with 56 additions and 7 deletions
@@ -435,6 +435,25 @@ def update_config():
        # Handle identity fields (cell_name, domain, ip_range, wireguard_port)
        identity_keys = {'cell_name', 'domain', 'ip_range', 'wireguard_port'}
        identity_updates = {k: v for k, v in data.items() if k in identity_keys}
+
+        # Validate ip_range — must be a valid CIDR within an RFC-1918 range
+        if 'ip_range' in identity_updates:
+            import ipaddress as _ipa
+            _rfc1918 = [
+                _ipa.ip_network('10.0.0.0/8'),
+                _ipa.ip_network('172.16.0.0/12'),
+                _ipa.ip_network('192.168.0.0/16'),
+            ]
+            try:
+                _net = _ipa.ip_network(identity_updates['ip_range'], strict=False)
+                if not any(_net.subnet_of(r) for r in _rfc1918):
+                    return jsonify({'error': (
+                        'ip_range must be within an RFC-1918 private range '
+                        '(10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16)'
+                    )}), 400
+            except ValueError as _e:
+                return jsonify({'error': f'Invalid ip_range: {_e}'}), 400
+
        # Capture old identity and service configs BEFORE saving, for change detection
        old_identity = dict(config_manager.configs.get('_identity', {}))
        old_svc_configs = {